-
Notifications
You must be signed in to change notification settings - Fork 309
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
New automatic user event collection #4674
Conversation
Overall package sizeSelf size: 8.28 MB Dependency sizes| name | version | self size | total size | |------|---------|-----------|------------| | @datadog/libdatadog | 0.2.2 | 29.27 MB | 29.27 MB | | @datadog/native-appsec | 8.3.0 | 19.37 MB | 19.38 MB | | @datadog/native-iast-taint-tracking | 3.2.0 | 13.9 MB | 13.91 MB | | @datadog/pprof | 5.4.1 | 9.76 MB | 10.13 MB | | protobufjs | 7.2.5 | 2.77 MB | 5.16 MB | | @datadog/native-iast-rewriter | 2.6.0 | 2.58 MB | 2.72 MB | | @opentelemetry/core | 1.14.0 | 872.87 kB | 1.47 MB | | @datadog/native-metrics | 3.0.1 | 1.06 MB | 1.46 MB | | @opentelemetry/api | 1.8.0 | 1.21 MB | 1.21 MB | | import-in-the-middle | 1.11.2 | 112.74 kB | 826.22 kB | | source-map | 0.7.4 | 226 kB | 226 kB | | opentracing | 0.14.7 | 194.81 kB | 194.81 kB | | lru-cache | 7.18.3 | 133.92 kB | 133.92 kB | | pprof-format | 2.1.0 | 111.69 kB | 111.69 kB | | @datadog/sketches-js | 2.1.0 | 109.9 kB | 109.9 kB | | semver | 7.6.3 | 95.82 kB | 95.82 kB | | lodash.sortby | 4.7.0 | 75.76 kB | 75.76 kB | | ignore | 5.3.1 | 51.46 kB | 51.46 kB | | shell-quote | 1.8.1 | 44.96 kB | 44.96 kB | | istanbul-lib-coverage | 3.2.0 | 29.34 kB | 29.34 kB | | rfdc | 1.3.1 | 25.21 kB | 25.21 kB | | @isaacs/ttlcache | 1.4.1 | 25.2 kB | 25.2 kB | | tlhunter-sorted-set | 0.1.0 | 24.94 kB | 24.94 kB | | limiter | 1.1.5 | 23.17 kB | 23.17 kB | | dc-polyfill | 0.1.4 | 23.1 kB | 23.1 kB | | retry | 0.13.1 | 18.85 kB | 18.85 kB | | jest-docblock | 29.7.0 | 8.99 kB | 12.76 kB | | crypto-randomuuid | 1.0.0 | 11.18 kB | 11.18 kB | | path-to-regexp | 0.1.12 | 6.6 kB | 6.6 kB | | koalas | 1.0.2 | 6.47 kB | 6.47 kB | | module-details-from-path | 1.0.3 | 4.47 kB | 4.47 kB |🤖 This report was automatically generated by heaviest-objects-in-the-universe |
BenchmarksBenchmark execution time: 2024-12-13 12:41:15 Comparing candidate commit a752423 in PR branch Found 3 performance improvements and 0 performance regressions! Performance is the same for 261 metrics, 2 unstable metrics. scenario:plugin-graphql-with-depth-and-collapse-on-18
scenario:plugin-graphql-with-depth-off-18
scenario:plugin-graphql-with-depth-on-max-18
|
system tests are expected to fail. See this PR for green system-tests: DataDog/system-tests#3666 |
Co-authored-by: Igor Unanua <igor.unanua@datadoghq.com>
What does this PR do?
TL;DR:
RTFM:
passport instrumentation:
passport-local
andpassport-http
by sharing the wrappers between the two inpassport-utils.js
(by usingthis._passReqToCallback
instead of the config object)err
argument inpassport-utils.js
when wrapping the callback ofverify()
to not publish auth events when a db error occured for examplecredentials
fields in passport verify event as they're useless. Instead addsuccess
andlogin
datadog:passport:verify:finish
channelthis.name
to get strategy name instead of setting an hardcoded valuepassport-http and passport-local tests:
passReqToCallback: true
in the correct place to actually test this case, which requires having two strategieschore: delete passport-utlis tests as they were not useful and replace them with passport-http and passport-local tests
RC for auto user events collection mode:
SDK:
trackEvent()
into its own function for better clarityusr.login
to the metadata tags if not already provided, with the value ofusr.id
index.js
onPassportVerify()
because it can be enabled and disabled by RConPassportVerify()
a little to put the responsibility of providing the correct data on the publisher instead of the subscriberonPassportVerify()
Telemetry:
Automated User Events:
user_tracking.js
to differentiate automated user events from SDK user eventspassport.js
and migrated some of the logic touser_tracking.js
to make it framework independent and clearersetCollectionMode()
, called by appsec index and remote config:anon
/anonymous
/safe
: hash the id and loginident
/identification
/extended
: don't hash the id and logindisabled
: don't collect the user id and logingetUserId()
: called bytrackLogin()
USER_ID_FIELDS
, if we find one we use it[object
, we skip ittrackLogin()
: called by appsec index in thepassport.verify
DC subscriberusr.id
, and also sending it to the WAFConfig:
appsec.eventTracking.enabled
identification
andanonymous
toappsec.eventTracking.mode
DD_APPSEC_AUTO_USER_INSTRUMENTATION_MODE
DD_APPSEC_AUTOMATED_USER_EVENTS_TRACKING
tests: add missing coverage for existing and new features, fix various typos, incorrect tests, inconsistencies, etc...
chore: update typings for new config